Skip to content

fix: Prioritize 7z for MSI extraction when both unzip and 7z are installed(fixed the issue) #5004

New issue
New issue
Open
Open
fix: Prioritize 7z for MSI extraction when both unzip and 7z are installed(fixed the issue)#5004
Labels
bugSomething isn't working
@rudrajosh

Description

@rudrajosh
rudrajosh
opened on Apr 5, 2025

Fix: Prioritize 7z for MSI extraction when both unzip and 7z are installed

This pull request addresses a bug in cve-bin-tool related to MSI file extraction.

  • Problem: MSI extraction failed when both unzip and 7z were installed.
  • Cause: The tool's logic in extractor.py incorrectly prioritized unzip for MSI files, which unzip doesn't handle reliably.
  • Solution: Modified the extract_file_zip function in extractor.py.
    • Now, the tool checks for the .msi extension first.
    • If the file is an MSI, it attempts extraction using 7z.
    • If 7z fails or is not present, it falls back to unzip for other ZIP archives.
  • Benefit: Ensures correct MSI extraction in environments with both unzip and 7z.
  • Impact: Improves the robustness of cve-bin-tool when analyzing Windows installer packages.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions